Profile

Stian Bergseth

  • Registered on: 10/07/2016
  • Last connection: 11/05/2019

Activity

11/05/2019

02:22 PM Suricata Feature #3298: Create a config flag in the DNS logger to limit events to only the ones in the custom field
I guess it depends a bit.
I was under the impression that only the specified lookups/responses in the custom field w...
Stian Bergseth
02:18 PM Suricata Feature #3296: Include in the fileinfo if it was a duplicate
I did not bring it up actually :)
But iirc the wanted feature was to update the metainfo in filestore with first s...
Stian Bergseth

11/01/2019

04:34 PM Suricata Feature #3298: Create a config flag in the DNS logger to limit events to only the ones in the custom field
eve.json output from the same host...
Stian Bergseth
04:31 PM Suricata Feature #3298: Create a config flag in the DNS logger to limit events to only the ones in the custom field
Output from suricata --dump-config...
Stian Bergseth
04:14 PM Suricata Feature #3298 (Feedback): Create a config flag in the DNS logger to limit events to only the ones in the custom field
I am currently running Suricata with the following YAML for dns logging:...
Stian Bergseth

10/23/2018

12:14 PM Suricata Bug #2627: lua: load script from same location as rule file if not in default rule location
I took a crack at this, https://github.com/OISF/suricata/pull/3523
Stian Bergseth

10/22/2018

02:18 PM Suricata Feature #1658: Docs: Add Installation Guides to the Sphinx Documentation
Isn't this already resolved? https://suricata.readthedocs.io/en/latest/install.html
Stian Bergseth
01:45 PM Suricata Feature #2644 (New): Add direction of stream to eve-json events
Add a direction field in eve-json to indicate what direction the stream started with.
Stian Bergseth

12/01/2017

05:20 AM Suricata Feature #2319 (New): Expose flow lifetime to the rulelanguage
During the roadmap discussion in Prague someone asked for the possibility to detect long lived sessions.
VictorJ said...
Stian Bergseth

10/25/2017

03:31 AM Suricata Bug #2251: Suricata won't start - SC_ERR_AHO_CORASICK
From suricata.yaml
detect-engine:
  - profile: custom
  - custom-values:
      toclient-src-groups: 200
...
Stian Bergseth